It's no surprise that emerging networking technologies are fueling the need for higher-speed connections. But as the network is upgraded, network security tools must become more advanced, too.
Enterprise networking has grown convoluted as new kinds of network traffic -- such as video and big data -- begin to travel through organizations' networks. At the same time, developing trends, like software-defined networking (SDN), are demanding enterprises refresh every moving part of their IT infrastructure, according to a recent survey of enterprise IT buyers from Campbell, Calif.-based Infonetics Research Inc.
"Enterprises need new kinds of threat protection capabilities from their firewalls as faster network technologies are adopted," said Jeff Wilson, principal analyst for security at Infonetics. "Enterprises are upgrading because they need access to new ports, and need dramatic increases in session performance from their firewalls."
Network security tools evolve along with the network
Firewalls perform security for all traffic moving through the network. If network security tools are not upgraded along with the network, the firewall will soon become a choke point. "When increasing bandwidth, [enterprises] have to make sure they are increasing their capacity to examine that bandwidth so users aren't impacted in any way," said John Pironti, president of Rowley, Mass.-based consultancy IP Architects LLC.
Enterprises know they must invest in evolved firewall technology to support their new infrastructures, and 57% of enterprise IT buyers plan to spend $500,000 or more on high-end firewalls in 2014, according to the Infonetics survey. More specifically, organizations are seeking next-generation firewalls, which combine new functionality -- including intrusion prevention and identity awareness -- into one device, said Fred Kost, head of product marketing for Redwood City, Calif.-based Check Point Software Technologies Ltd. These features allow IT to control the use of Web-based applications, build user-based policies, and stop threats from malware and other attacks that traditional firewalls were not designed to block, Kost said.
More on network security tools
Integrating NAC with network security tools
Firewall security best practices
SMB network security tools without breaking the bank
"How enterprise employees use the network has changed," he said. "These new features, coupled with the high performance needed to keep up with ever-increasing network demands, are top-of-mind for most businesses."
The advent of SDN is also forcing enterprise IT to revisit its firewall technology. The architecture means firewalls have to react to a very dynamic environment. Palo Alto Networks -- among other next-generation firewall vendors -- is integrating its technology at the hypervisor level and can tie into different orchestration software with flexible application programming interfaces.
Regardless of the kind of network an enterprise has, IT administrators have the ability to set dynamic security policies as the traffic moves around the network, said Danelle Au, director of solutions marketing at Palo Alto Networks, based in Santa Clara, Calif.
"Enterprises still have to be able to protect their network, whether or not they are employing a new architecture -- like cloud or virtualization," Au said.
Application-level visibility: An enterprise must-have
As packets become more sophisticated, firewalls are becoming more aware at the application level, IP Architects' Pironti said. Enterprises are adding new applications every day, he said. Because of that, firewalls must be able to make more intelligent security decisions on their own.
Firewalls are becoming smarter, thanks to information from other networking tools, Pironti said. "It's not just a device that sits out by itself anymore with its own rules," he said.
But a more dynamic firewall can also translate to another networking complexity for IT. "With [firewalls] now getting data and feeds from other networking tools, IT has to figure out how to configure and maintain that data, which can cause complications for the network administrator," he said. "These are growing pains to be expected from upgraded networks."